Hi,
I'm trying to use the "command=" ability with ssh and rsync to restrict the commands that can be run with a passwordless ssh key. The problem is that I can't figure out the exact rsync that's being executed on the remote side. I recall in the past being able to somehow log this information to syslog, but now I can't remember and can't find it.
Does anyone know how to do this?
I recall it being related to LogLevel and SyslogFacility, but I must be missing something.
The rsync command I'm running on the local side is:
$ rsync -a -e 'ssh -i /path/to/private-key' /path/to/local/files host:/path/to/dest/
The contents of my /root/.ssh/authorized_keys for the command I want to execute are something like this:
command="/usr/bin/rsync --server --sender -logDtprze.iLs --numeric-ids . /",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC....
I want to upgrade this to instead use an ed25519 key and define a more specific path.
I've also tried the SSH_ORIGINAL_COMMAND environment variable, but it doesn't seem to be set.
Thanks,
Alex
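One way to record the command the remote side is asked to run, as an added example that is not part of the original post: point command= at a wrapper script, since sshd passes the client's requested command to a forced command in SSH_ORIGINAL_COMMAND. The wrapper path /usr/local/bin/rsync-gate, the --forced argument, the rsync-gate log tag and the receive-only policy are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: forced-command wrapper for an rsync-only key.
# ALLOWED_DEST, the script name and the log tag are hypothetical.
ALLOWED_DEST="/path/to/dest/"

# Return 0 only for an rsync server-side *receive* into ALLOWED_DEST.
check_rsync_cmd() {
    cmd=$1
    case $cmd in
        *[!A-Za-z0-9\ ./_=,-]*) return 1 ;;  # anything outside a small safe set
        *..*)                   return 1 ;;  # path traversal
        *" --sender"*)          return 1 ;;  # this key may push, not pull
        "rsync --server "*)     ;;           # must be rsync in server mode
        *)                      return 1 ;;
    esac
    dest=${cmd##* }                          # last word is the destination path
    case $dest in
        "$ALLOWED_DEST"*) return 0 ;;
        *)                return 1 ;;
    esac
}

# Runs only when invoked as: command="/usr/local/bin/rsync-gate --forced",...
if [ "${1:-}" = "--forced" ]; then
    orig=${SSH_ORIGINAL_COMMAND:-}
    safe=$(printf '%s' "$orig" | tr -c '[:print:]' '?')   # keep log lines single-line
    # Log before validating, so rejected requests are recorded too.
    logger -p auth.info -t rsync-gate "user=$(id -un) from=${SSH_CONNECTION%% *} cmd=[$safe]"
    if check_rsync_cmd "$orig"; then
        set -f            # no globbing while splitting the validated string
        set -- $orig      # split on whitespace; metacharacters were rejected above
        shift             # drop the client-supplied "rsync" word
        exec /usr/bin/rsync "$@"
    fi
    logger -p auth.warning -t rsync-gate "rejected cmd=[$safe]"
    echo "rsync-gate: command not permitted" >&2
    exit 1
fi
```

The logged lines can be read back with `journalctl -t rsync-gate`; the exact option string rsync sends varies with the client version and flags, so log a real transfer first and tighten the check to match.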